﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Caching;
using System.Collections;
using System.Security.Cryptography;

namespace FSY.API.Utilities
{
    public class Fsy_SecurityUtil
    {
        #region private
        private static bool CheckXSS(string[] input)
        {
            if (input.Length > 0)
            {
                foreach (string str in input)
                {
                    if ((((str.IndexOf("<") >= 0) || (str.IndexOf("%3C") >= 0)) || (str.IndexOf("&lt;") >= 0)) || (str.IndexOf("<") >= 0))
                    {
                        return true;
                    }
                }
            }
            return false;
        }
        //Loc, loai bo tu ngu khong lanh manh.
        public static string WordUnfairFilter(string input)
        {
            string[] wordUnfair = new string[] { "fuck", "đồ má" };
            string output = input;
            foreach (string str in wordUnfair)
            {
                output = output.Replace(str, "");
            }
            return output;
        }
        #endregion

        #region public
        public static string KillSqlInjection(string input)
        {
            if (!CheckXSS(new string[] { input }) && (input != null))
            {
                string[] sqlinjection = new string[] { "create", "select", "drop", ";", "--", "insert", "delete", "xp_", "update", "'", "\"", "or", "=", "sp_", "exec", "declare" };
                string output = input;
                foreach (string str in sqlinjection)
                {
                    output = output.Replace(str, "");
                }
                return output;
            }
            return "";
        }
        /// <summary>
        /// 
        /// </summary>
        /// <param name="length">Chiều dài chuỗi random</param>
        /// <param name="LowerString">True: Chứa ký tự thường, False: Không chứa ký tự thường</param>
        /// <param name="Number">True: Chứa số, False: Không chứa số</param>
        /// <returns></returns>
        public static string RandomString(int length, bool LowerString, bool Number)
        {
            Random AppRandom = new Random((int)DateTime.Now.Ticks);
            string str = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
            if (Number)
            {
                str = str + "0123456789";
            }
            if (LowerString)
            {
                str = str + "abcdefghijklmnopqrstuvwxyz";
            }
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < length; i++)
            {
                int r = AppRandom.Next(0, str.Length);
                sb.Append(str.Substring(r, 1));
            }
            return sb.ToString();
        }
        /// <summary>
        /// Mã chuỗi dạng MD5
        /// </summary>
        /// <param name="strData">Chuỗi cần mã hóa</param>
        /// <param name="strKey">Key đính kèm</param>
        /// <returns></returns>
        public static string Encrypt(string strData, string strKey)
        {
            string password = strData + strKey;
            byte[] source = new UnicodeEncoding().GetBytes(password);
            byte[] hash = ((HashAlgorithm)CryptoConfig.CreateFromName("MD5")).ComputeHash(source);
            StringBuilder output = new StringBuilder();
            for (int i = 0; i < hash.Length; i++)
            {
                output.Append(hash[i].ToString("x2"));
            }
            return output.ToString();
        }
        #endregion
    }
}
